Itway S.p.A. - ITWAY CYBER SECURITY SERVICES

CYBER SECURITY SERVICES

Cyber Security - Security Consulting

Information Security or Cyber Security? When we move from the analysis of networks and the technology used to make IT security considering what can happen to people's lives following an attack, here we start talking about Cyber Security.
  • Cyber Security is strictly connected to Cyber Intelligence, Cyber crime, Cyber war;
  • Security Consulting is the set of high skills (Know-how and methodologies) that face the challenges connected to Cyber security
  • Security Consulting: from Prevention to Defense.
    • CYBER SECURITY SERVICES

    Security Consulting - FROM PREVENTION TO DEFENSE

    Managed Security Services: managed IT security services

    Managed Security Servicesis the technological platform that allows for prevention and defense, monitoring, thanks to a single control panel, the state of the IT security of companies.
    Itway is certified ISO 9001:2015, ISO 27001:2013, certifications that attest to the quality of our services, including the monitoring of the functionality and security of the customers' Information Technology (IT) infrastructures, including MOC ( Monitoring Operation Center) NOC (Networking Operation Center), SOC (Security Operation Center) and assistance in IT security, CERT (Computer Emergency Response/Readiness Team) services. Furthermore, the innovative international standard for Operation Technology (OT) Cybersecurity (Cybersecurity for industrial plants) is enabled.
    The services can be provided H24 / 365 days a year. Their primary objective is to increase profitability, optimize operating costs and improve data and process security through the outsourcing of services.
    CYBER SECURITY SERVICES

    • ASSESSMENT

      Analysis and adaptation of security processes and procedures, ISO27001 and EC 62443

    • STANDARD E LAW COMPLIANCE

      GDPR-European Privacy Regulation (EU) 2016/679 Directive (EU) 2016/680 Legislative Decree 231/2001, Legislative Decree 196/03 PCI DSS and Business Continuity

    • ETHICAL HACKING

      Vulnerability Assessment, Penetration testing, Code analysis, SCADA and critical infrastructures, Reverse Engineering, Social Engineering

    • PROACTIVE SAFETY

      Analysis and adaptation of the infrastructure. Introduction of new control instruments, environmental remediation

    • CYBER RISK MANAGEMENT

      Analysis, measurement and risk management

    • TRAINING AND AWARENESS

      Continuous update on legal issues and new standards

    Ethical Hacking

    The highly critical of the information managed by the companies, sometimes make it necessary to photograph the security status of the systems.
    The activities of Ethical Hacking are among the most advanced from a technical point of view, as they also allow you to simulate real attacks by malicious hackers.

    Advantages
    These activities allow both to have an overview of the security status of company systems or applications, through automated or manual activities, and to simulate a real attack by external or internal users and therefore have a more complete view of the status. security of the infrastructure.
    1

    VULNERABILITY ASSESSMENT

    Activities aimed at assessing the security status of the application or the infrastructural components examined
    2

    VULNERABILITY MANAGEMENT

    They offer a continuous management of the risks associated with the vulnerabilities found on the verified infrastructure
    3

    COMPUTER FORENSIC

    Activity that allows the identification and extraction of computer data using appropriate methodologies that guarantee the integrity of the information
    4

    WI-FI ASSESSMENT

    The activity of WiFi Security Probe is aimed at identifying any gaps in the security of the wireless infrastructure
    5

    SOCIAL ENGINEERING

    Set of communication and persuasion techniques one aimed at inducing a predefined victim to perform actions with the aim of obtaining information and tools necessary for access to systems or resources of the company
    6

    EXPOSURE ASSESSMENT

    Search and collection of data from available sources (OSINT), from the Surface Web, from the Deep and from the Dark Web to carry out a precise analysis of the company's exposure to any cyber attacks and the presence of exposed information
    7

    CODE REVIEW

    The Code Review activity aims to examine the source code of the applications in order to identify any vulnerabilities
    8

    REVERSE ENGINEERING

    Analysis details of devices or software in order to understand and analyze their behavior in depth
    9

    PENETRATION TESTING

    Evaluate the status of the protections and security controls, carrying out a detailed in-depth analysis on a group of critical assets
    10

    RETURN PLANS

    Implementation of the remediation plans from vulnerabilities found on an infrastructure or an application
    11

    SCADA - OT (INFRASTRUTTURE CRITICHE)

    The security of SCADA systems and OT (Operational Technology) is one of the biggest challenges in the field of computer security, given the role of these systems in the industries and in the delivery of essential services